If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

How to continue using a .cap file?

I have finally managed to get Backtrack 3 to download packets from my home internet connection which uses a WEP connection, but it does it quite slowly as there isn't any other clients. How would I be able to reuse the .cap file that is created when I start airodump? Or when I start aircrack would I just have to type "aircrack-ng -b <mac address> dumpfile*.cap" and it would reuse all the .cap files that starts with "dumpfile"? I am running Back Track 3 from a USB stick, would the dumpfile-01.cap file still be there next time I load it up? Thanks for your help.

edit - Also, a couple of unrelated questions, is it possible to update aircrack on the USB stick? Or do I have to have it installed on my laptop?

What is your intention? Why do u want to reuse the .cap file and for what?

Because for various reasons, I am not allowed to use a computer for long periods of time, and because this is taking so long, it means that after I've got about 100,000 packets (after 2 hours), I end up being told to switch the computer off. I am wondering if it is possible to come back later and continue where I left off, without having to start all over again.

edit - Nevermind, got it working. An unrelated question slightly, but do you think the reason it is downloading data packets at around 10 every second is because there is no traffic on the network? Do you think if I made my main computer use wifi it would start downloading packets faster?

*

Yes, it would probably go faster if you were actually using the network - as there would be more packets to pick up. To answer a question you asked earlier, if the dumpfile would be there next time you booted, the answer is no. When you boot from USB you store everything in memory - which is lost when you power off.

You edited your last post and said you "got it working". It would be nice if you can explain what and how, in case other readers are wondering about the same thing :)

Yes, it would probably go faster if you were actually using the network - as there would be more packets to pick up. To answer a question you asked earlier, if the dumpfile would be there next time you booted, the answer is no. When you boot from USB you store everything in memory - which is lost when you power off.

You edited your last post and said you "got it working". It would be nice if you can explain what and how, in case other readers are wondering about the same thing

Sure. I just copied the .cap file to my Windows partition, then copied it back when I booted up Backtrack. Also, as soon as I set up my main computer to run wirelessly, the amount of packets increased dramatically. As in, I was originally getting about 10 packets a second, and it jumped to about 300. I only stopped because it then started getting this error message saying that the disk has run out of space. I checked the .cap file, and it was 200MB :O Also, I had to use rtap0 as well as eth1 as that is the only way I can inject properly.

I have another question (I often have a lot of questions about Linux) Does ettercap work with an ipw2200 card? My computer is a Dell Latitude D510 which has a centrino b/g ipw2200 card. Wouldn't I first need to use aireplay or whatever to make a fake authentication with the AP before ettercap works? Thanks a lot for your help.

edit - Well I think I've got ettercap partially working. It seems to be sniffing the network as when my sister connected to the internet on my main computer, I got "DHCP: [MAC address] REQUEST <router ip address>"
Only thing is, when she logged into her Hotmail account (she knew that I was sniffing the network by the way, she had given me permittion :P ), no certificate appeared, and no username and password appeared in Ettercap.